Hi, there is some service which is reaping the port 443 from httpd: Oct 1 00:45:00 fwxx <daemon.[LOG_NOTICE]> pm[250]: Reaped: httpd[2213] Oct 1 00:45:00 fwxx <daemon.[LOG_NOTICE]> pm[250]: Scheduled httpd for +1 secs Oct 1 00:45:01 fwxx <daemon.[LOG_NOTICE]> pm[250]: Restarted /bin/httpd[3866], count=2
After moving the ssl port of the voyager to f.e. 4433 I´m able again to connect to voyager again. Best regards Frank Sackewitz From: Alexey Baltacov <[email protected]> To: [email protected] Date: 02.10.2011 09:22 Subject: Re: [FW-1] Odd http requests after upgrade to R75.20 Sent by: Mailing list for discussion of Firewall-1 <[email protected]> Hi, I got the pretty similar problem with several WEB servers. The server was configured as "WEB Server" and "protected by = ANY" Once the server wasn't protected by same gateway I have upgraded (several gateways managed by same Smart Center) - I changed the "protected by" to same gateway really protects it and now all working. In case it will not solve you problem - try to configure type of web server you are using or uncheck the "web server" checkbox until Checkpoint will solve it. Alexey On Fri, Sep 30, 2011 at 2:03 AM, Eamonn Twohig <[email protected]> wrote: > Hi all, > > We've a bit of an oddity here after upgrading our firewalls to R75.20 from R65 HFA70. Management Server was done about 10 days ago whilst gateways were done in the last two days. > > Since the upgrade of one of the gateways yesterday, everything seemed to be working as previous until we discovered that no-one could access our website anymore. A quick investigation, using tcpdump and fw monitor, revealed that the firewall was dropping all https requests when hitting the external IP of the web server. Which is the weird thing, because no-one is sending https requests, only http. It seems that the firewall is somehow converting http requests to https and then obviously dropping them as our rulebase will only allow http. There are no problems accepting and forwarding smtp traffic; there are no problems for anyone doing udp lookups against our dns server; no problems for anyone hitting our ftp server. Only the web server is causing us grief. > > We've opened a support case with Check Point but so far, they are stumped. This mailing list has some experienced people as members though, so thought I'd ask ye too. Has anyone seen something like this before? > > If all resources on the DMZ were inaccessible then that would make more sense, or at least make it easier to troubleshoot, but this specific issue with inbound http requests getting dropped as https is a little odd. > > Thanks, > Eamonn > > -------------------------- > Sent from my BlackBerry Device > > > > Confidentiality Notice: This electronic message contains information that is privileged or confidential, is the property of QC Data, and is intended only for the use of the intended recipient. If you are not the intended recipient, you are hereby notified that disclosure, copying, distribution or use of this information is prohibited. If you have received this message in error, please delete the original message and any copy of it in your possession and notify us by telephone or email immediately. > > QC Data (Ireland) Limited > > Registered in Ireland, Number: 158091 > VAT Registration No.: IE 6556091K > > Registered office: 70 Sir John Rogerson s Quay, Dublin 2, Republic of Ireland. > > > Scanned by Check Point Total Security Gateway. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > -- Sincerely, Alexey Baltacov [email protected] | Tel: +972-504989954 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= Besuchen Sie HASCO auf der FAKUMA 2011 in Friedrichshafen vom 18. - 22. Oktober 2011 , Halle A2 / Stand 2202. Abonnieren Sie jetzt unseren Newsletter und bleiben Sie stets up-to-date! HASCO Hasenclever GmbH + Co KG | Sitz: Lüdenscheid | Geschäftsführung | Mag. Christoph Ehrlich | HRA 3072 AG Iserlohn | PhG: Hasenclever GmbH | HRB 4493 AG Iserlohn | Ust-IdNr. DE 125796912 | Zertifiziert nach DIN EN ISO 9001 | -DE- Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind, oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten diese Mail. Das unerlaubte Kopieren oder die unbefugte Weitergabe dieser Mail ist nicht gestattet. This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
